<?php

class Access_Controller_Plugin_Authenticator extends Zend_Controller_Plugin_Abstract{

	protected $_acl;
	
	protected $_role;
	
	protected $_resouce;
	
	public function __construct(){
		$this->_acl = new Access_Acl();
	}
	
	public function dispatchLoopStartup (Zend_Controller_Request_Abstract $request)
    {
        if(Zend_Auth::getInstance()->getIdentity()){
        	$this->_role = Zend_Auth::getInstance()->getIdentity()->_data['role'];
        	switch ($this->_role){
        		case 'user':
        			$this->_role = Access_Roles::USER;
        			break;
        		case 'emp_wh':
        			$this->_role = Access_Roles::EMP_WH;
        			break;
        		case 'emp_cs':
        			$this->_role = Access_Roles::EMP_CS;
        			break;
        		case 'emp_fn':
        			$this->_role = Access_Roles::EMP_FN;
        			break;
        		case 'admin':
        			$this->_role = Access_Roles::ADMIN;
        			break;
        		default:
        			$this->_role = Access_Roles::GUEST;		
        	}
        }else{
        	$this->_role = Access_Roles::GUEST; 
        }
        
        
        $this->_resource = $this->make($request->getModuleName(),$request->getControllerName(),$request->getActionName(),false);
        
        if("shippinglabel" == $request->getControllerName()){
//        	var_dump(APPLICATION_PATH . '/' . $request->getControllerName() . '/' . $request->getActionName() . "/" . $request->getParam('file'));
			if(file_exists(APPLICATION_PATH . '/' . $request->getControllerName() . '/' . $request->getActionName() . "/" . $request->getParam('file'))){
	        	$pdf = Zend_Pdf::load(APPLICATION_PATH . '/' . $request->getControllerName() . '/' . $request->getActionName() . "/" . $request->getParam('file'));
				header('Content-Type: application/pdf');
				echo $pdf->render();
			}
        }
        
        
        //If given (page) resource is not registered then display error page
       	if(!$this->_acl->has($this->_resource)){
        	$request->setModuleName('buyback');
       		$request->setControllerName('error');
       		$request->setActionName('error');
       		return;
        }
       	
       	if(Access_Roles::GUEST == $this->_role && !$this->_acl->isAllowed($this->_role, $this->_resource)){
//       		create algorithm to help make the URI a little neater.
       		$request->setParam('nextPage',$this->make($request->getModuleName(),$request->getControllerName(),$request->getActionName()));
       		$request->setModuleName('user');
       		$request->setControllerName('login');
       		$request->setActionName('index');
       		return;
       	}else if(Access_Roles::GUEST != $this->_role && !$this->_acl->isAllowed($this->_role, $this->_resource)){
       		//If given (page) resource is registered then check is role has access rights for said resource else show denied page.
       		$request->setModuleName('buyback');
       		$request->setControllerName('error');
       		$request->setActionName('denied');
       		return;
       	}	
       	
       	
    }
	
    
    /**
     * @param string $module
     * @param string $controller
     * @param string $action
     * @returns formatted Uri
     */
    public function make($module, $controller, $action, $uri = true){
    	
    	if($uri){
    		$separator = "/";
    	} else{
    		$separator = ":";
    	}
    	$formattedUri = null;
//    	Adding module only if module name is not 'buyback'
    	if('buyback' != $module || !$uri){
    		$formattedUri = $module;
    	}
//    	adding controller to empty or prefilled $formattedUri
    	if(null == $formattedUri)
    		$formattedUri = $separator . $controller;
    	else
    		$formattedUri .= $separator . $controller;
//    	Adding action only if not 'index'
    	if($uri && 'index' != $action){
    		$formattedUri .= $separator . $action;
    	}
    	return $formattedUri;
    }
}